New iPad - "Invalid profile" Apple Business manager using Enrollment program tokens

Occasional Contributor

Hello,

 

I have recently created an Apple Business Manager account, purchased iPads through the Apple Business Store which linked directly into Devices under business.apple.com devices. 

 

I have configured MDM server (Intune) successfully via the Apple Business Manager. Everything seems to be Synced. For example, if I go to Intune, Enroll devices, Enrollment program tokens, I can see the new iPads in "ready to enroll". I've created a Profile and assigned it to the iPads. The state is "Not Contacted" but I figure that's normal until the enrolment is done?

 

I tried enrolling just a single iPad to start with and I'm hitting Invalid Profile (see screenshot).

 

Not sure what I've done wrong.

 

Appreciate some help.

 

Thanks

8 Replies
HI,

Could you confirm al the tokens are still valid?
How are the devices enrolled into the ABM, with the apple configurator or by the supplier?

@Rudy_Ooms thanks for your reply. They are enrolled into ABM by the supplier (purchased through Apple Business Store). The token is valid as far as I can see.

 

Additional screenshots provided.

 

I've since tried updating the iPad through iTunes and performed a factory reset. Still the same error.

Hi

To be sure could you check

-if there any enrollment restrictions that would block it

-If the devices were assigned to an MDM server with DEP profile configured before running setup assistant on the device

Rudy_Ooms_0-1622115521905.png

 

And maybe to test it... do you have a mac ? so you can try to configure the iPad with the apple configurator

@Rudy_Ooms Please find enrollment restrictions attached

 

I'm quite certain the devices were assigned to the MDM server beforehand. Just in case they weren't though, is there a way to "reset" and start from scratch? I did try restoring the iPad to factory using iTunes but still the same error.

 

I don't have a Mac unfortunately.

 

Thanks,

Glenn

@glennsfield 

 

-----

In Apple Business Manager , sign in with an account that has the role of Administrator or Device Enrolment Manager.
Click Devices in the sidebar, search for a device in the search field, then select the device from the list.
After you have searched for devices, select the total number of devices at the top of the list, then click .

Rudy_Ooms_0-1622183661639.png

 

Do one of the following:

Choose Assign to server, then choose the MDM server you want to assign or reassign the device to.

Choose Unassign to unassign the device from an MDM server.

 

Note: If you select a device that is unassigned, you will not see the unassigned option.

Click Continue.

 

A new activity generates a list of the devices that are assigned or reassigned to the selected MDM server, or unassigned from an MDM server. You can wait for the activity to complete or click Close to close the window.

 

----

So if you can't click un unassigned, the device has no mdm server assigned..

@Rudy_Ooms 

Hi Rudy,

I reassigned them but I believe they were already assigned. Please see screenshot.

Interesting, when I connect the iPad to iTunes, it comes up with this now (see screenshot). However, I'm still getting invalid profile error.

@glennsfield Check if your MDM Push Certificate has expired. 

Here is the KB: Get an Apple MDM Push certificate